CVE-2024-35329

28 Aug 2024, 16:15

Type	Values Removed	Values Added
Summary	(es) libyaml 0.2.5 es vulnerable a un desbordamiento de búfer basado en montón en yaml_document_add_sequence en api.c.
Summary	(en) libyaml 0.2.5 is vulnerable to a heap-based Buffer Overflow in yaml_document_add_sequence in api.c. NOTE: the supplier disputes this because the finding represents a user error. The problem is that the application, which was making use of the libyaml library, omitted the required calls to the yaml_document_initialize and yaml_document_delete functions.	(en) Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References	{'url': 'https://drive.google.com/file/d/1xgQ9hJ7Sn5RVEsdMGvIy0s3b_bg3Wyk-/view?usp=sharing', 'source': 'cve@mitre.org'} {'url': 'https://github.com/yaml/libyaml/releases/tag/0.2.5', 'source': 'cve@mitre.org'}

---

12 Jun 2024, 22:15

Type	Values Removed	Values Added
Summary	(en) libyaml 0.2.5 is vulnerable to a heap-based Buffer Overflow in yaml_document_add_sequence in api.c.	(en) libyaml 0.2.5 is vulnerable to a heap-based Buffer Overflow in yaml_document_add_sequence in api.c. NOTE: the supplier disputes this because the finding represents a user error. The problem is that the application, which was making use of the libyaml library, omitted the required calls to the yaml_document_initialize and yaml_document_delete functions.

---

11 Jun 2024, 13:54

Type	Values Removed	Values Added
Summary		(es) libyaml 0.2.5 es vulnerable a un desbordamiento de búfer basado en montón en yaml_document_add_sequence en api.c.

---

11 Jun 2024, 05:15

Type	Values Removed	Values Added
New CVE

---